CVE-2026-2636

MEDIUM

Windows 11 2024 LTSC - DoS

Description

This vulnerability is caused by a CWE-159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash. Microsoft silently fixed this vulnerability in the September 2025 cumulative update for Windows 11 2024 LTSC and Windows Server 2025. Windows 25H2 (released in September) shipped with the patch. Windows 11 23H2 and earlier versions remain vulnerable.

Exploits (3)

github STUB 10 stars
by XiaomingX · python · poc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-2636
nomisec STUB
by uname1able · poc
https://github.com/uname1able/CVE-2026-2636
nomisec WORKING POC
by oxfemale · poc
https://github.com/oxfemale/CVE-2026-2636_PoC

Scores

CVSS v3 5.5
EPSS 0.0005
EPSS Percentile 15.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-159
Status published
Products (2)
Microsoft/Windows OS < 1123h2
Microsoft/Windows OS < 25H2
Published Feb 25, 2026
Tracked Since Feb 26, 2026